diff options
Diffstat (limited to 'rhbz-966424.patch')
-rw-r--r-- | rhbz-966424.patch | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/rhbz-966424.patch b/rhbz-966424.patch new file mode 100644 index 0000000..c4c332e --- /dev/null +++ b/rhbz-966424.patch @@ -0,0 +1,23 @@ +--- a/toolkit/modules/CertUtils.jsm ++++ b/toolkit/modules/CertUtils.jsm +@@ -170,17 +170,19 @@ this.checkCert = + issuerCert = issuerCert.QueryInterface(Ci.nsIX509Cert3); + var tokenNames = issuerCert.getAllTokenNames({}); + + if (!tokenNames || !tokenNames.some(isBuiltinToken)) + throw new Ce(certNotBuiltInErr, Cr.NS_ERROR_ABORT); + } + + function isBuiltinToken(tokenName) { +- return tokenName == "Builtin Object Token"; ++ return tokenName == "Builtin Object Token" || ++ tokenName == "Default Trust" || ++ tokenName == "System Trust"; + } + + /** + * This class implements nsIBadCertListener. Its job is to prevent "bad cert" + * security dialogs from being shown to the user. It is better to simply fail + * if the certificate is bad. See bug 304286. + * + * @param aAllowNonBuiltInCerts (optional) |